class SessionsController < ApplicationController
  include LockDown::Session::Configure
  def new
    @sesssion = Session.new
  end
  
  def create
    if store_session_user(User.authenticate(params['login'],params['password']))
      flash[:notice] = "Login successful"
      session[:permissions] = LockDown.protected_actions(session[:user_id])
      goto_url = get_continuation_url
      redirect_to(goto_url)
      return
    else
      flash[:error] = "Login unsuccessful"
      redirect_to :action => :new
    end
  end

  def destroy
    reset_session
    redirect_to(home_url)
  end

  private
    def get_continuation_url
      rvalue = home_url
      if session[:continue_on]
        rvalue = session[:continue_on]
        session[:continue_on] = nil
      end
      rvalue 
    end
end
